Variations of the Blowfish crypt algorithm. You only need concern yourself with Blowfish crypt variations if you have passwords generated pre-2011 using the C-language crypt_blowfish library or a port thereof. CryptSharp was implemented from specification and is not a port, and therefore never had the bug these variants pertain to.Namespace: CryptSharp
Assembly: CryptSharp (in CryptSharp.dll) Version: 22.214.171.124
|The $2a$ prefix indicates nothing about whether or not the crypted password was created with a pre-2011 version of the C-language crypt_blowfish library. Pre-2011, that library had a sign extension bug affecting non-ASCII passwords. See EmulateCryptBlowfishSignExtensionBug for a more detailed explanation of the bug in question.
|The $2x$ prefix indicates that these passwords were generated with pre-2011 crypt_blowfish or a port originating from it. If you have old crypted non-ASCII passwords you can't re-derive, and still want to verify them with CryptSharp, ensure that they have the $2x$ prefix instead of the $2a$ prefix. This will indicate to CryptSharp that it should emulate the bug when verifying the password.
|The $2y$ prefix indicates that pre-2011 crypt_blowfish's sign extension bug does not affect these crypted passwords. For passwords crypted with CryptSharp, this has always been true and as such selecting this variant changes the prefix but otherwise does not affect the output.